Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/54bb50-01be-4ec6-9418-eee7fae5c037/1/IdO38S4YIdRssHlxZUHLczi2V8w.roa
File: IdO38S4YIdRssHlxZUHLczi2V8w.roa (raw, json)
Hash identifier: D6ETv9vHpvHRNzXh7orpMoqsZYhYmcHQztp4EEnJ9x0=
Subject key identifier: 21:D3:B7:F1:2E:18:21:D4:6C:B0:79:71:65:41:CB:73:38:B6:57:CC
Certificate issuer: /CN=828672cd736b57e1e3dfc7dd736f3bd8a616ba81
Certificate serial: 07122FB4
Authority key identifier: 82:86:72:CD:73:6B:57:E1:E3:DF:C7:DD:73:6F:3B:D8:A6:16:BA:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/goZyzXNrV-Hj38fdc2872KYWuoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/54bb50-01be-4ec6-9418-eee7fae5c037/1/IdO38S4YIdRssHlxZUHLczi2V8w.roa
Signing time: Sat 01 Jan 2022 05:53:04 +0000
ROA not before: Sat 01 Jan 2022 05:53:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56561
IP address blocks: 5.39.206.0/24 maxlen: 24
5.39.204.0/22 maxlen: 22
5.39.204.0/23 maxlen: 23
5.39.204.0/24 maxlen: 24
5.39.206.0/23 maxlen: 23
5.39.205.0/24 maxlen: 24
5.39.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118632372 (0x7122fb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=828672cd736b57e1e3dfc7dd736f3bd8a616ba81
Validity
Not Before: Jan 1 05:53:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21d3b7f12e1821d46cb079716541cb7338b657cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7b:5e:8f:1d:6e:f7:d1:9d:73:44:00:da:37:
6b:f4:ea:82:f3:ee:85:92:fa:89:c9:c7:98:eb:79:
48:70:b5:00:d8:0a:e5:21:7f:b9:37:b4:48:81:aa:
87:ae:81:b5:77:0c:37:69:92:38:9e:9d:3e:84:91:
de:33:76:2b:cd:31:4f:dc:d6:0e:83:ef:c9:f1:1c:
97:8f:00:83:a3:00:bd:ab:5b:25:06:99:64:53:c5:
c7:7d:90:de:71:b0:33:cb:ed:48:fb:0c:ce:de:57:
62:02:e6:e3:cc:cc:90:4f:c3:99:7e:02:50:33:9e:
43:5b:2c:99:4f:0f:2c:4e:98:83:df:97:4c:2a:cc:
f6:e5:db:d3:a4:47:5a:42:9b:87:94:cc:e6:4c:2f:
73:b8:26:42:b0:be:7d:8f:ab:6e:e5:30:ca:f6:d2:
a4:38:d1:bc:76:0f:bc:e2:66:0c:86:e6:49:29:c5:
60:34:0f:0b:53:27:18:a2:32:20:bf:04:74:b0:8e:
bb:0a:e8:af:af:d6:6b:53:2c:00:b5:ee:08:52:a0:
9c:07:56:76:9c:e7:eb:17:e6:cf:90:89:35:e7:b1:
45:c8:9b:3c:49:a7:c4:77:f0:5b:58:31:4e:0a:e0:
f3:c6:ed:ec:09:2b:e9:e6:a4:c5:98:4c:c0:1a:15:
b1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:D3:B7:F1:2E:18:21:D4:6C:B0:79:71:65:41:CB:73:38:B6:57:CC
X509v3 Authority Key Identifier:
keyid:82:86:72:CD:73:6B:57:E1:E3:DF:C7:DD:73:6F:3B:D8:A6:16:BA:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/goZyzXNrV-Hj38fdc2872KYWuoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/54bb50-01be-4ec6-9418-eee7fae5c037/1/IdO38S4YIdRssHlxZUHLczi2V8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/54bb50-01be-4ec6-9418-eee7fae5c037/1/goZyzXNrV-Hj38fdc2872KYWuoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.204.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:77:f7:d8:05:5f:a0:c7:be:85:23:5f:43:4a:3e:d6:f2:90:
d7:2c:7c:40:8d:8c:fb:b2:68:a7:03:c5:7e:51:63:10:1f:94:
d1:b1:b9:e0:d7:d6:35:67:51:bf:43:61:8a:19:c9:91:de:9a:
07:fb:89:11:c5:eb:3c:5f:89:0f:15:90:7f:ed:5b:9d:42:0a:
14:37:e2:8d:a5:5b:2d:4d:cc:0e:15:cc:d9:f6:5b:f3:fb:78:
ca:3d:4f:a4:71:d6:c5:95:9c:8a:a0:2c:5a:c9:e4:9f:24:dc:
9f:42:4a:08:74:21:f2:db:12:86:45:9d:c8:5e:e9:b0:27:d6:
61:69:47:ce:bc:91:3e:7c:9a:70:fe:88:ea:b9:cc:0a:ee:9f:
6c:e1:ab:6b:af:f0:a1:4c:2b:b5:15:67:86:e6:f5:6c:1f:07:
5d:40:30:0d:3b:41:f4:ef:c9:14:65:0a:0b:5a:30:ed:6c:5b:
30:8b:a3:f5:87:92:e9:80:40:9e:28:9b:e5:1d:df:7b:88:c3:
05:bb:e9:bf:81:5f:5e:33:18:71:e3:69:bf:5c:14:ea:ca:05:
b1:aa:94:5a:db:d2:24:0c:60:4c:45:94:06:13:3c:78:56:f9:
91:93:0d:72:a4:24:ee:57:4e:c6:c9:aa:a5:b0:29:dc:c1:84:
70:d9:23:b9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBxIvtDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Mjg2NzJjZDczNmI1N2UxZTNkZmM3ZGQ3MzZmM2JkOGE2MTZiYTgxMB4XDTIyMDEw
MTA1NTMwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFkM2I3ZjEyZTE4
MjFkNDZjYjA3OTcxNjU0MWNiNzMzOGI2NTdjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANB7Xo8dbvfRnXNEANo3a/TqgvPuhZL6icnHmOt5SHC1ANgK
5SF/uTe0SIGqh66BtXcMN2mSOJ6dPoSR3jN2K80xT9zWDoPvyfEcl48Ag6MAvatb
JQaZZFPFx32Q3nGwM8vtSPsMzt5XYgLm48zMkE/DmX4CUDOeQ1ssmU8PLE6Yg9+X
TCrM9uXb06RHWkKbh5TM5kwvc7gmQrC+fY+rbuUwyvbSpDjRvHYPvOJmDIbmSSnF
YDQPC1MnGKIyIL8EdLCOuwror6/Wa1MsALXuCFKgnAdWdpzn6xfmz5CJNeexRcib
PEmnxHfwW1gxTgrg88bt7Akr6eakxZhMwBoVsRkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQh07fxLhgh1GyweXFlQctzOLZXzDAfBgNVHSMEGDAWgBSChnLNc2tX4ePf
x91zbzvYpha6gTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dvWnl6WE5yVi1IajM4ZmRjMjg3MktZV3VvRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2QvNTRiYjUwLTAxYmUtNGVjNi05NDE4LWVlZTdmYWU1YzAzNy8x
L0lkTzM4UzRZSWRSc3NIbHhaVUhMY3ppMlY4dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Qv
NTRiYjUwLTAxYmUtNGVjNi05NDE4LWVlZTdmYWU1YzAzNy8xL2dvWnl6WE5yVi1I
ajM4ZmRjMjg3MktZV3VvRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgUnzDANBgkqhkiG9w0BAQsFAAOC
AQEAX3f32AVfoMe+hSNfQ0o+1vKQ1yx8QI2M+7JopwPFflFjEB+U0bG54NfWNWdR
v0NhihnJkd6aB/uJEcXrPF+JDxWQf+1bnUIKFDfijaVbLU3MDhXM2fZb8/t4yj1P
pHHWxZWciqAsWsnknyTcn0JKCHQh8tsShkWdyF7psCfWYWlHzryRPnyacP6I6rnM
Cu6fbOGra6/woUwrtRVnhub1bB8HXUAwDTtB9O/JFGUKC1ow7WxbMIuj9YeS6YBA
niib5R3fe4jDBbvpv4FfXjMYceNpv1wU6soFsaqUWtvSJAxgTEWUBhM8eFb5kZMN
cqQk7ldOxsmqpbAp3MGEcNkjuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:22 2024 by rpki-client on console-ams.rpki-client.org